Homework Assignment 03 Problems 1.1, 1.2, 1.4 shpark/VSU/CSCI451-...
-
Upload
quentin-curtis -
Category
Documents
-
view
212 -
download
0
Transcript of Homework Assignment 03 Problems 1.1, 1.2, 1.4 shpark/VSU/CSCI451-...
CSCI 451 Computer Security – Fall 2011 1
Homework Assignment 03 Problems 1.1, 1.2, 1.4 http://people.cs.vt.edu/~shpark/VSU/CSCI451-
ComputerSecurity/assignments/assignment03/assignment03.doc
9/7/2011-9/9/2011
CSCI 451 Computer Security – Fall 2012 2
Cryptographic ToolsSung Hee Park
Computer Science
Dept. of Math & Computer Science
Virginia State University
Petersburg, VA 23806
8/27/2012-8/31/2012
3
Lecture Objective Understand the concept of cryptographic
algorithms Understand the concept of symmetric (secrete
key) encryption Understand the concept of public-key
(asymmetric) encryption Understand the concept of digital signatures and
key management Understand the concept of secure hash
functions8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
4
Outline Cryptographic algorithms
Important element in security services Help achieve
Confidentiality Integrity Authenticity
Review various types of elements symmetric encryption secure hash functions
Message authentication
public-key (asymmetric) encryption digital signatures and key management
Examples8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
5
Symmetric Encryption
Major elements Encryption algorithm Decryption algorithm Secret\ key (shared by sender and recipient) Plaintext input Plaintext output (ciphertext)
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
6
Example – A classical but trial symmetric encryption algorithm Shift Cipher Secret key
An integer: k Encryption algorithm
c = (m + k) % n Decryption algorithm
m = (c – k) % n Example
n = 26 for English alphabet k = 3 Encrypt
Plaintext input the quick brown fox jumps over the lazy dog
Ciphertext output wkh txlfn eurzq ……
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
7
In-Class Exercise k = 8 Encrypt
Hurricane Irene shut down the university!
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
CSCI 451 Computer Security – Fall 2011 8
Hurricane Irene shut down the university!
9/7/2011-9/9/2011
P}zzqkivm(Qzmvm({p}|(lwDELv(|pm(}vq~mz{q|start of heading)
9
Attacking Symmetric Encryption Cryptanalysis
Rely on nature of the algorithm Plus some knowledge of plaintext characteristics Even some sample plaintext-ciphertext pairs Exploits characteristics of algorithm to deduce specific
plaintext or key Brute-force attack
Try all possible keys on some ciphertext until get an intelligible translation into plaintext
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
10
Cryptanalysis – Simple Example (1) English letter frequency
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
11
Cryptanalysis – Simple Example (2) Alphabet: ASCII table Encrypt a large chunk of text using the shift
cipher Novel “Mobby Dick”
Based on letter frequency Much of the plaintext input can be recovered from the
cipher text
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
12
Brute-force attack – Simple Example Alphabet: ASCII table Encrypt a large chunk of text using the shift
cipher Novel “Mobby Dick”
Try key 1, 2, …, alphabet size – 1, until the result makes sense
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
13
Exhaustive Key Search
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
14
Symmetric Encryption Algorithms
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
15
DES and Triple-DES Data Encryption Standard (DES) is the most
widely used encryption scheme Uses 64 bit plaintext block and 56 bit key to produce a
64 bit ciphertext block Concerns about algorithm & use of 56-bit key
Triple-DES Repeats basic DES algorithm three times Using either two or three unique keys Much more secure but also much slower
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
16
Advanced Encryption Standard (AES) Needed a better replacement for DES NIST called for proposals in 1997 Selected Rijndael in Nov 2001 Published as FIPS 197 Symmetric block cipher Uses 128 bit data & 128/192/256 bit keys Now widely available commercially
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
17
Block verses Stream Ciphers
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
18
Summary Introduced cryptographic algorithms Symmetric encryption algorithms for
confidentiality
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
CSCI 451 Computer Security – Fall 2011 19
In-Class Activity Find a standard publication regarding Data
Encryption Standard (DES) on the Internet. Answer the questions below.
1. Standard recommendation number? 2. Which institution proposed DES? 3. What does FIPS stands for? 4. In this document, what else algorithm has been
proposed other than DES?
9/7/2011-9/9/2011
20
Message Authentication Protects against active attacks
whereas Encryption against passive attacks (Eavesdropping)
Verifies received message is authentic contents unaltered from authentic source timely and in correct sequence
Can use conventional encryption only sender & receiver have shared key needed
Or separate authentication mechanisms append authentication tag to cleartext message
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
21
Message Authentication Codes(MAC)
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
16-,32-bit code
ciphertextDES
CSCI 451 Computer Security – Fall 2012 22
Homework Assignment 04-Implement Shift Cipher https://blackboard.vsu.edu/bbcswebdav/pid-246
104-dt-content-rid-355185_1/xid-355185_1
9/7/2011-9/9/2011
23
One-way Hash Functions: Alternative to the MAC
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
K
24
Message Authen-tification
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
Message Digest
25
Hash Function Requirements(Very Important) Applied to any size data H produces a fixed-length output. H(x) is relatively easy to compute for any given x One-way property
computationally infeasible to find x such that H(x) = h Weak collision resistance
computationally infeasible to find y ≠ x such thatH(y) = H(x)
Strong collision resistance computationally infeasible to find any pair (x, y) such
that H(x) = H(y)8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
26
Hash Functions two attack approaches
cryptanalysis exploit logical weakness in alg
brute-force attack trial many inputs strength proportional to size of hash code (2n/2)
SHA most widely used hash algorithm SHA-1 gives 160-bit hash more recent SHA-256, SHA-384, SHA-512 provide
improved size and security
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
CSCI 451 Computer Security – Fall 2011 27
Secure Hash Algorithm(SHA-1)
9/7/2011-9/9/2011
Source: FIPS PUB 180-1, Secure Hash Algorithm, http://www.itl.nist.gov/fipspubs/fip180-1.htm, Retrieved
September 5, 2012
CSCI 451 Computer Security – Fall 2011 28
In-Class Exercise Find a standard recommendation document regarding the
latest Secure Hash Algorithm(SHA) on the Internet: NIST, FIPS PUB 180-2: Secure Hash Function, http://csrc.nist.gov/publications/fips/fips180-2/fips180-2.pdf.
Read the first page of the publication and answer the questions below. (10pts) 1. Name of Standard? (20pts) 2. One-way hash functions can process a message to
produce a condensed representation. What is the condensed representation called?
(30pts) 3. What bit ranges do SHAs’ output have? (40pts) 4. Secure hash algorithms are typically used with several
cryptographic algorithms. Give at least two examples among those algorithms?
9/7/2011-9/9/2011
29
Public Key Encryption (Asymmetric Encryption)
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
30
Public Key Authentication
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
31
Public Key Requirements1. computationally easy to create key pairs2. computationally easy for sender knowing
public key to encrypt messages3. computationally easy for receiver
knowing private key to decrypt ciphertext
4. computationally infeasible for opponent to determine private key from public key
5. computationally infeasible for opponent to otherwise recover original message
6. useful if either key can be used for each role
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
32
Public Key Algorithms RSA (Rivest, Shamir, Adleman)
developed in 1977 only widely accepted public-key encryption alg given tech advances need 1024+ bit keys
Diffie-Hellman key exchange algorithm only allows exchange of a secret key
Digital Signature Standard (DSS) provides only a digital signature function with SHA-1
Elliptic curve cryptography (ECC) new, security like RSA, but with much smaller keys
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
33
Public Key Certificates
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
34
Digital Envelopes
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
35
Random Numbers random numbers have a range of uses requirements: randomness
based on statistical tests for uniform distribution and independence
unpredictability successive values not related to previous clearly true for truly random numbers but more commonly use generator
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
36
Pseudorandom verses Random Numbers often use algorithmic technique to create
pseudorandom numbers which satisfy statistical randomness tests but likely to be predictable
true random number generators use a nondeterministic source e.g. radiation, gas discharge, leaky capacitors increasingly provided on modern processors
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
37
Practical Application: Encryption of Stored Data
common to encrypt transmitted data much less common for stored data
which can be copied, backed up, recovered approaches to encrypt stored data:
back-end appliance library based tape encryption background laptop/PC data encryption
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
38
Summary introduced cryptographic algorithms symmetric encryption algorithms for
confidentiality message authentication & hash functions public-key encryption digital signatures and key management random numbers
8/27/2012-8/31/2012 CSCI 451 Computer Security – Fall 2012
CSCI 451 Computer Security – Fall 2011 39
In-Class Activity Download putty.exe from the link to
http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
Try to connect blackwell manchine Hostname: blackwell.mathcs.vsu.edu Username: firstnamelastname Password: your VSU #ID
9/7/2011-9/9/2011
CSCI 451 Computer Security – Fall 2011 40
In-Class Activity Example for creating encrypted private key
and self-signed certificate for the CA.
openssl req -new -x509 -keyout private/cakey.pem -out cacert.pem -days 365 -config openssl.cnf
Locate openssl.cnf Cp <path> . openssl req -new -x509 -keyout
private/cakey.pem -out cacert.pem -days 365 -config openssl.cnf
9/7/2011-9/9/2011
CSCI 451 Computer Security – Fall 2011 41
Example of CertificateCertificate: Data: Version: 3 (0x2) Serial Number: 1 (0x1) Signature Algorithm: md5WithRSAEncryption Issuer: C=FJ, ST=Fiji, L=Suva, O=SOPAC, OU=ICT, CN=SOPAC Root CA/[email protected] Validity Not Before: Nov 20 05:47:44 2001 GMT Not After : Nov 20 05:47:44 2002 GMT Subject: C=FJ, ST=Fiji, L=Suva, O=SOPAC, OU=ICT, CN=www.sopac.org/[email protected] Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (1024 bit) Modulus (1024 bit): 00:ba:54:2c:ab:88:74:aa:6b:35:a5:a9:c1:d0:5a: 9b:fb:6b:b5:71:bc:ef:d3:ab:15:cc:5b:75:73:36: b8:01:d1:59:3f:c1:88:c0:33:91:04:f1:bf:1a:b4: 7a:c8:39:c2:89:1f:87:0f:91:19:81:09:46:0c:86: 08:d8:75:c4:6f:5a:98:4a:f9:f8:f7:38:24:fc:bd: 94:24:37:ab:f1:1c:d8:91:ee:fb:1b:9f:88:ba:25: da:f6:21:7f:04:32:35:17:3d:36:1c:fb:b7:32:9e: 42:af:77:b6:25:1c:59:69:af:be:00:a1:f8:b0:1a: 6c:14:e2:ae:62:e7:6b:30:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE Netscape Comment: OpenSSL Generated Certificate X509v3 Subject Key Identifier: FE:04:46:ED:A0:15:BE:C1:4B:59:03:F8:2D:0D:ED:2A:E0:ED:F9:2F X509v3 Authority Key Identifier: keyid:E6:12:7C:3D:A1:02:E5:BA:1F:DA:9E:37:BE:E3:45:3E:9B:AE:E5:A6 DirName:/C=FJ/ST=Fiji/L=Suva/O=SOPAC/OU=ICT/CN=SOPAC Root CA/[email protected] serial:00
9/7/2011-9/9/2011
CSCI 451 Computer Security – Fall 2011 42
Example of Certificate Signature Algorithm: md5WithRSAEncryption
34:8d:fb:65:0b:85:5b:e2:44:09:f0:55:31:3b:29:2b:f4:fd:
aa:5f:db:b8:11:1a:c6:ab:33:67:59:c1:04:de:34:df:08:57:
2e:c6:60:dc:f7:d4:e2:f1:73:97:57:23:50:02:63:fc:78:96:
34:b3:ca:c4:1b:c5:4c:c8:16:69:bb:9c:4a:7e:00:19:48:62:
e2:51:ab:3a:fa:fd:88:cd:e0:9d:ef:67:50:da:fe:4b:13:c5:
0c:8c:fc:ad:6e:b5:ee:40:e3:fd:34:10:9f:ad:34:bd:db:06:
ed:09:3d:f2:a6:81:22:63:16:dc:ae:33:0c:70:fd:0a:6c:af:
bc:5a
-----BEGIN CERTIFICATE-----
MIIDoTCCAwqgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBiTELMAkGA1UEBhMCRkox
DTALBgNVBAgTBEZpamkxDTALBgNVBAcTBFN1dmExDjAMBgNVBAoTBVNPUEFDMQww
CgYDVQQLEwNJQ1QxFjAUBgNVBAMTDVNPUEFDIFJvb3QgQ0ExJjAkBgkqhkiG9w0B
CQEWF2FkbWluaXN0cmF0b3JAc29wYWMub3JnMB4XDTAxMTEyMDA1NDc0NFoXDTAy
MTEyMDA1NDc0NFowgYkxCzAJBgNVBAYTAkZKMQ0wCwYDVQQIEwRGaWppMQ0wCwYD
VQQHEwRTdXZhMQ4wDAYDVQQKEwVTT1BBQzEMMAoGA1UECxMDSUNUMRYwFAYDVQQD
Ew13d3cuc29wYWMub3JnMSYwJAYJKoZIhvcNAQkBFhdhZG1pbmlzdHJhdG9yQHNv
cGFjLm9yZzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAulQsq4h0qms1panB
0Fqb+2u1cbzv06sVzFt1cza4AdFZP8GIwDORBPG/GrR6yDnCiR+HD5EZgQlGDIYI
2HXEb1qYSvn49zgk/L2UJDer8RzYke77G5+IuiXa9iF/BDI1Fz02HPu3Mp5Cr3e2
JRxZaa++AKH4sBpsFOKuYudrMOkCAwEAAaOCARUwggERMAkGA1UdEwQCMAAwLAYJ
YIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1Ud
DgQWBBT+BEbtoBW+wUtZA/gtDe0q4O35LzCBtgYDVR0jBIGuMIGrgBTmEnw9oQLl
uh/anje+40U+m67lpqGBj6SBjDCBiTELMAkGA1UEBhMCRkoxDTALBgNVBAgTBEZp
amkxDTALBgNVBAcTBFN1dmExDjAMBgNVBAoTBVNPUEFDMQwwCgYDVQQLEwNJQ1Qx
FjAUBgNVBAMTDVNPUEFDIFJvb3QgQ0ExJjAkBgkqhkiG9w0BCQEWF2FkbWluaXN0
cmF0b3JAc29wYWMub3JnggEAMA0GCSqGSIb3DQEBBAUAA4GBADSN+2ULhVviRAnw
VTE7KSv0/apf27gRGsarM2dZwQTeNN8IVy7GYNz31OLxc5dXI1ACY/x4ljSzysQb
xUzIFmm7nEp+ABlIYuJRqzr6/YjN4J3vZ1Da/ksTxQyM/K1ute5A4/00EJ+tNL3b
Bu0JPfKmgSJjFtyuMwxw/Qpsr7xa
-----END CERTIFICATE-----
9/7/2011-9/9/2011
CSCI 451 Computer Security – Fall 2011 43
In-Class Activity Example for a user to generating the
certificate request to be signed by the CA openssl req -nodes -new -x509 -keyout
csci451privatekey.pem -out csci451req.pem -days 365 -config openssl.cnf
9/7/2011-9/9/2011
CSCI 451 Computer Security – Fall 2011 44
Parameters -new
this option generates a new certificate request. It will prompt the user for the relevant field values. The actual fields prompted for and their maximum and minimum sizes are specified in the configuration file and any requested extensions.
If the -key option is not used it will generate a new RSA private key using information specified in the configuration file.
9/7/2011-9/9/2011
CSCI 451 Computer Security – Fall 2011 45
-x509 this option outputs a self signed certificate instead of
a certificate request. This is typically used to generate a test certificate or a self signed root CA. The extensions added to the certificate (if any) are specified in the configuration file.
-keyout filename this gives the filename to write the newly created
private key to. If this option is not specified then the filename present in the configuration file is used.
9/7/2011-9/9/2011
CSCI 451 Computer Security – Fall 2011 46
-out filename This specifies the output filename to write to or standard
output by default. In this case, the output file will contain the self-signed certificate.
-days n when the -x509 option is being used this specifies the
number of days to certify the certificate for. The default is 30 days.
-config filename this allows an alternative configuration file to be specified,
this overrides the compile time filename or any specified in the OPENSSL_CONF environment variable.
9/7/2011-9/9/2011
CSCI 451 Computer Security – Fall 2011 47
In-Class Activity Generate certificate request openssl x509 -x509toreq -in csci451req.pem -
signkey csci451privatekey.pem -out csci451certrequest.pem
9/7/2011-9/9/2011
CSCI 451 Computer Security – Fall 2011 48
Parameters -x509toreq
converts a certificate into a certificate request. The -signkeyoption is used to pass the required private key.
-in filename
This specifies the input filename to read a certificate from orstandard input if this option is not specified. Here cs691req.pem is the certificate generated by the previous req command.
-out filename
This specifies the output filename to write to or standard outputby default. Here the output file contains the certificate request generated.
-signkey filename
9/7/2011-9/9/2011
CSCI 451 Computer Security – Fall 2011 49
Parameters this option causes the input file to be self signed using the
supplied private key. Here we used the private key of CS691 to sign the certificate request.
If the input file is a certificate it sets the issuer name to thesubject name (i.e. makes it self signed) changes the public key tothe supplied value and changes the start and end dates. The startdate is set to the current time and the end date is set to a valuedetermined by the -days option. Any certificate extensions areretained unless the -clrext option is supplied.
If the input is a certificate request then a self signedcertificate is created using the supplied private key using thesubject name in the request.
9/7/2011-9/9/2011
CSCI 451 Computer Security – Fall 2011 50
In-Class Activity CA sign certificate request openssl ca -config openssl.cnf -policy
policy_anything -out csci451signedcert.pem -infiles csci451certrequest.pem
9/7/2011-9/9/2011
CSCI 451 Computer Security – Fall 2011 51
In-Class Activity to generate the public key from the private key. openssl rsa -in csci451privatekey.pem -
passin pass:cs03se -pubout -out csci451publickey.pem
9/7/2011-9/9/2011
CSCI 451 Computer Security – Fall 2011 52
In-Class Activity # create, sign, and verify message digest
openssl sha1 -out digest.txt plain.txt Given the plain.txt, the above command
generates the SHA-1 based message digest in digest.txt file.
9/7/2011-9/9/2011
CSCI 451 Computer Security – Fall 2011 53
In-Class Activity openssl sha1 -sign csci451privatekey.pem -out
rsasign.bin plain.txt Given the plain.txt, the above command
generates the SHA-1 based hash and then sign it with the private key of CSCI451. The signed hash is save in rsasign.bin (binary data) file.
9/7/2011-9/9/2011
CSCI 451 Computer Security – Fall 2011 54
In-Class Activity openssl sha1 -verify csci451publickey.pem -
signature rsasign.bin plain.txt Given the plain.txt and the signed hash
received, the above command verified if it is indeed signed by CSCI451 using its public key and indeed the hash is correct.
[csci451@blackwell spark]$ openssl sha1 -verify csci451publickey.pem -signature rsasign.bin plain.txtVerified OK
9/7/2011-9/9/2011